Merge pull request #30 from tbartelmess/f-https-address

Use HTTPS when TLS is enabled
ansible-community · Oct 12, 2017 · 9dcc46b · 9dcc46b
2 parents 00d9104 + f9d364f
commit 9dcc46b
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -63,6 +63,7 @@ vault_consul_service: vault
 
 vault_tls_config_path: /etc/vault/tls
 vault_tls_disable: "{{ lookup('env','VAULT_TLS_DISABLE') | default(1, true) }}"
+vault_protocol: "{% if vault_tls_disable %}http{% else %}https{% endif %}"
 vault_tls_cert_file: "../files/{{ vault_node_name }}.crt"
 # /etc/pki/tls/certs/vault.crt is distribution-specific/not a good default
 # a distribution-specific play to link into expected destination is preferred

diff --git a/templates/vault_backend_consul.j2 b/templates/vault_backend_consul.j2
@@ -5,7 +5,7 @@ backend "consul" {
   datacenter = "{{ vault_datacenter }}"
   path = "{{ vault_consul_path }}"
   service = "{{ vault_consul_service }}"
-  cluster_addr = "http://{{ vault_cluster_address }}:{{ _vault_plus_one_port }}"
-  redirect_addr = "http://{{ vault_redirect_address }}:{{ vault_port }}"
+  cluster_addr = "{{vault_protocol}}://{{ vault_cluster_address }}:{{ _vault_plus_one_port }}"
+  redirect_addr = "{{vault_protocol}}://{{ vault_redirect_address }}:{{ vault_port }}"
   disable_clustering = "{{ vault_cluster_disable }}"
 }